package com.itheima.config;

import com.itheima.controller.backend.security.SpringSecurityUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.formLogin()
                .loginPage("/backend/login.html") // 自定义登录页面
                .loginProcessingUrl("/login") // 登录处理Url
                .usernameParameter("username").passwordParameter("password") // 修改自定义表单name值
                .defaultSuccessUrl("/backend/pages/main.html") // 登录成功后跳转路径
                .and()
                .authorizeRequests()
                .antMatchers("/backend/login.html").permitAll() // 允许所有用户访问登录页面
                .antMatchers("/backend/css/**", "/backend/img/**", "/backend/js/**", "/backend/plugins/**", "/favicon.ico").permitAll() // 显式允许所有用户访问这些路径
                .anyRequest().authenticated(); // 其他所有请求都需要认证

        // 关闭csrf防护
        http.csrf().disable();
        // 允许iframe加载页面
        http.headers().frameOptions().sameOrigin();
    }

    @Autowired
    private SpringSecurityUserService userService;

    @Bean
    protected PasswordEncoder myPasswordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userService).passwordEncoder(myPasswordEncoder());
    }
}




/*
package com.itheima.config;

import com.itheima.controller.backend.security.SpringSecurityUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;

//Security配置类



@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {


    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.formLogin()// 开启表单认证
                .loginPage("/backend/login.html")// 自定义登录页面
                .loginProcessingUrl("/login")// 登录处理Url
                .usernameParameter("username").passwordParameter("password")// 修改自定义表单name值.
                .defaultSuccessUrl("/backend/pages/main.html")// 登录成功后跳转路径
                .and()
                .authorizeRequests()// 所有请求都需要认证
                .antMatchers("/backend/login.html").permitAll()
                //_____________________________________________________________
                .antMatchers("/backend/css/**", "/backend/img/**", "/backend/js/**", "/backend/plugins/**", "/favicon.ico")
                .permitAll() // 显式允许所有用户访问这些路径
                //_______________________________________________________________
                .anyRequest().authenticated();

        // 关闭csrf防护
        http.csrf().disable();
        // 允许iframe加载页面
        http.headers().frameOptions().sameOrigin();
    }
 */
/*  @Override
   protected void configure(HttpSecurity http) throws Exception {
       http
               // 开启表单认证
               .formLogin()
               // 登录页地址，未登录用户访问权限控制的url，会自动跳转到该url，后端注意接收该url
               .loginPage("/login")
               // 登录校验地址，前端将用户信息发送到该地址会自动校验用户合法性
               .loginProcessingUrl("/loginUrl")
               // 登录校验错误页地址，后端注意接收该url
               .failureUrl("/login-error");
   }*//*


    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/backend/css/**", "/backend/img/**",
                "/backend/js/**", "/backend/plugins/**", "/favicon.ico");
    }

    @Autowired
    private SpringSecurityUserService userService;
    @Bean
    protected PasswordEncoder myPasswordEncoder(){
        return new BCryptPasswordEncoder();
    }
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userService).passwordEncoder(myPasswordEncoder());
    }



}
*/
